On 2010-01-28 17:30, Alain Williams wrote: > On Thu, Jan 28, 2010 at 08:59:01AM -0800, Todd Lyons wrote: [snip] > > it looks solid (untested). Puts all the work in the database, and > > makes a very small exim function call. Nice. I also agree with > > MIke's post that your cleanup should be part of the query. > > Hmmm: I can see people just taking this and blindly implementing it, in > which case > what is a suitable number in: > > RAND() < 0.01 > > 0.01 will compare 1 in 100. My home machine gets some 50,000 connections a > day, so that > will result in a tidy operation 500 times/day -- far too many. > Choose a different number and it might not be suitable on a less busy > machine. > > That is why I suggest putting it in cron - at least you know that it will > happen > once/day (or whatever). > > However: opinions will differ. I will add something to the ''Discussion & > config changes'' > section that talks about this. I'll wait for more opinion before doing so. [snip]
Cleanup periodically with cron is better, unless the bulk delete operation locks the database for so long that greylisting could not proceed, but which should only happen on mail server with very large mail volume. May I suggest an enhancement to your greylisting? As we all know, expired greylisted entries are very likely to be compromised computers. Could you optionally output these entries while cleaning up the database? One day, when the world decides to act together to mitigate the botnets, the list of expired greylisted entries will be very useful for botnet detection. In fact, I wish that every greylisting could implement this feature. -- Chih-Cherng Chin Botnet Detection with Greylisting: http://botnet-tracker.blogspot.com/2009/11/greylisting-botnet-detection-honeypot.html -- ## List details at http://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
